OtherInternational (IAASB)
ISAE 3402 — Assurance Reports on Controls at a Service Organisation
International Standard on Assurance Engagements (ISAE) 3402, issued by the International Auditing and Assurance Standards Board (IAASB), provides a framework for practitioners to issue assurance reports on controls at a service organisation. Type 1 reports describe controls and their design suitability at a point in time.
Domains
Type II Report
Type I Report
Management Assertion
System Description
Engagement Requirements
Compare ISAE 3402 — Assurance Reports on Controls at a Service Organisation
ISAE 3402 — Assurance Reports on Controls at a Service Organisation vs ISO 27001:2022View comparison →ISAE 3402 — Assurance Reports on Controls at a Service Organisation vs SOC 2View comparison →ISAE 3402 — Assurance Reports on Controls at a Service Organisation vs NIST CSF 2.0View comparison →ISAE 3402 — Assurance Reports on Controls at a Service Organisation vs GDPRView comparison →ISAE 3402 — Assurance Reports on Controls at a Service Organisation vs HIPAAView comparison →ISAE 3402 — Assurance Reports on Controls at a Service Organisation vs PCI DSS 4.0View comparison →
ISAE 3402 — Assurance Reports on Controls at a Service Organisation by Industry
ISAE 3402 — Assurance Reports on Controls at a Service Organisation for Healthcare→ISAE 3402 — Assurance Reports on Controls at a Service Organisation for Financial Services→ISAE 3402 — Assurance Reports on Controls at a Service Organisation for Technology→ISAE 3402 — Assurance Reports on Controls at a Service Organisation for Government→ISAE 3402 — Assurance Reports on Controls at a Service Organisation for Manufacturing→ISAE 3402 — Assurance Reports on Controls at a Service Organisation for Energy→ISAE 3402 — Assurance Reports on Controls at a Service Organisation for Retail→ISAE 3402 — Assurance Reports on Controls at a Service Organisation for Education→
ISAE 3402 — Assurance Reports on Controls at a Service Organisation by Role
ISAE 3402 — Assurance Reports on Controls at a Service Organisation for CISOs→ISAE 3402 — Assurance Reports on Controls at a Service Organisation for Compliance Officers→ISAE 3402 — Assurance Reports on Controls at a Service Organisation for Risk Managers→ISAE 3402 — Assurance Reports on Controls at a Service Organisation for IT Directors→ISAE 3402 — Assurance Reports on Controls at a Service Organisation for DPOs→ISAE 3402 — Assurance Reports on Controls at a Service Organisation for Auditors→
Frequently Asked Questions
What is ISAE 3402?
International Standard on Assurance Engagements (ISAE) 3402, issued by the International Auditing and Assurance Standards Board (IAASB), provides a framework for practitioners to issue assurance reports on controls at a service organisation. Type 1 reports describe controls and their design suitability at a point in time.
How many controls does ISAE 3402 have?
ISAE 3402 contains 13 controls organized across 5 domains.
Where does ISAE 3402 apply?
ISAE 3402 is applicable in International (IAASB). Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.
How do I get started with ISAE 3402 compliance?
Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.
How ready are you for ISAE 3402 — Assurance Reports on Controls at a Service Organisation?
Answer 25 questions and get a professional readiness report with gap analysis, maturity scores, and prioritised action items. Results in 5 minutes.